Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Last Modified: 2017-03-07 10:30:09.0

FAQs Microsoft Azure KeyVault

Article Number: 70648

User-added image

Frequently Asked Questions for Microsoft Azure Key Vault:
What is Microsoft Azure Key Vault?
What are the requirements for Microsoft Azure Key Vault?
Are Entrust Datacard SSL/TLS certificates compatible with Microsoft Azure Key Vault?
Does Microsoft Azure Key Vault provide PKCS (Public-Key Cryptography Standards) related services?
What is the implication with missing PKCS services on the Key vault and what method to manage keys inside the key vault?
What other steps must be completed to use SSL/TLS certificates inside the key vault ?

What is Microsoft Azure Key Vault?

Microsoft Azure Key Vault is a cloud-hosted management service that allows users to encrypt keys and small secrets by using keys that are protected by hardware security modules (HSMs). https://docs.microsoft.com/en-us/azure/key-vault/key-vault-whatis

What are the requirements for Microsoft Azure Key Vault?
  • You must have an active Microsoft Azure account.
  • You must have selected either the Free or HSM (paid) subscription option.
  • Microsoft Azure PowerShell must be installed. You can download it here.
For a detailed description of subscription and requirements information please visit:
https://docs.microsoft.com/en-us/azure/key-vault/key-vault-get-started

Are Entrust Datacard SSL/TLS certificates compatible with Microsoft Azure Key Vault?

Yes, Entrust SSL certificates are fully compatible with Microsoft Azure Key Vault. The process to import an Entrust Datacard SSL/TLS certificate can be found here.

Does Microsoft Azure Key Vault provide PKCS (Public-Key Cryptography Standards) related services?

No, on this current version of Key Vault, the PKCS services will not be offered and there is no any plan yet by Microsoft to make it available.

What is the implication with missing PKCS services on the Key vault and what method to manage keys inside the key vault?

The document signing function will not be supported on this environment. Microsoft Azure Key vault use REST API for managing the key vault: http://www.entrust.net/knowledge-base/technote.cfm?tn=70600
 
What other steps must be completed to use SSL/TLS certificates inside the key vault ?

Applications that use a key vault must authenticate by using a token from Azure Active Directory. The developer need to register the application with Azure Active Directory and then authorize the application to use the key. The detail information can be found here: https://docs.microsoft.com/en-us/azure/key-vault/key-vault-get-started
 

For best practices regarding the protection of private keys related to Code Signing certificates, please see our Best Practices article here.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance: 

Hours of Operation: 
Sunday 8:00 PM ET to Friday 8:00 PM ET 
North America (toll free): 1-866-267-9297 
Outside North America: 1-613-270-2680 (or see the list below) 
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.
 

CountryNumber
Australia0011 - 800-3687-7863
1-800-767-513
Austria00 - 800-3687-7863
Belgium00 - 800-3687-7863
Denmark00 - 800-3687-7863
Finland990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
France00 - 800-3687-7863
Germany00 - 800-3687-7863
Hong Kong001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
Ireland00 - 800-3687-7863
Israel014 - 800-3687-7863
Italy00 - 800-3687-7863
Japan001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
Malaysia00 - 800-3687-7863
Netherlands00 - 800-3687-7863
New Zealand00 - 800-3687-7863
0800-4413101
Norway00 - 800-3687-7863
Singapore001 - 800-3687-7863
Spain00 - 800-3687-7863
Sweden00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
Switzerland00 - 800-3687-7863
Taiwan00 - 800-3687-7863
United Kingdom00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088

Affected Products:

  • Entrust Entelligence Messaging Server 8.0 English Linux